Intertek Acumen Security is a worldwide leader in cybersecurity evaluation and certification, enabling you to get products into the hands of customers faster. Our team has extensive expertise in a diverse set of standards and certifications to meet your needs, including FIPS 140-2 and 140-3, Common Criteria, CSFC, UC APL, and more. While our security know-how is unrivaled, it’s our service and overall project management that truly sets us apart. Intertek Acumen Security is part of Intertek Group (“ITRK”), a FTSE 100 listed company on the London Stock Exchange with more than 40,000 employees across 1,000+ offices around the world.
On the road, at work and at home – DEKRA’s skilled experts create increased safety and security across all the key areas of life. The company has a clear and ambitious vision of the future. The vision for the company’s 100th birthday in 2025 is to see DEKRA as the global partner for a safe and secure world.
Our broad service portfolio with qualified and independent expert services range from vehicle inspection and expert appraisals to claims services, industrial and building inspections, safety consultancy, testing, cybersecurity evaluation and certification and penetration testing of products and systems, as well as training courses and temporary work.
The Cybersecurity division of DEKRA is an internationally recognized leading Common Criteria IT security evaluation facility and FIPS 140-3 testing laboratory for cryptographic modules.
The lab is accredited under the CCRA terms in the Spanish and Turkish schemes for the latest Common Criteria version and in the Spanish scheme under the SOGIS terms in the Hardware Devices with Security Boxes Technical Domain. DEKRA is also accredited by the USA NIST Cryptographic Module Validation Program (CMVP).
Our lab is currently on the leading edge of the practical application of security evaluation and testing. Our business model is based on long-term investment with our customers and in the sharing and community progress of the application of the CC and FIPS 140-3, as demonstrated by our presence and presentation of results at the International Common Criteria Conference during the past years and our investments in the applicable standards development.
With presence and customers across 5 continents, Secure-IC is the rising leader and only global provider of end-to-end cybersecurity solutions for embedded systems and connected objects. Secure-IC provides patented cutting-edge protection technologies to the electronic industries. Secure-IC’s integrated Secure Elements are embedded into hundreds of millions of electronic chips for smartphones, computers, automobiles, smart meters, cloud servers and more.
TÜV Informationstechnik – based in Essen, Germany – is one of the world’s leading IT security service providers. We offer various Cyber Security services that are oriented towards your specific requirements: from one-time projects to regular tests, and certifications. With our problem-solving approaches, you are optimally prepared to identify vulnerabilities, eliminate them sustainably, and continuously increase your security level. TÜViT combines the necessary expertise and know-how in its evaluation body “IS-revision and penetration testing”, so that your data, IT and business processes are sustainably protected. Especially in the field of Industrial Security, we provide you with all services associated with IEC 62443 standard from a single source. We can look back on numerous projects in this field, as well as our participation in IEC standardization committees.
Our portfolio also includes software and hardware evaluation, IoT/Industry 4.0, data protection, ISMS, smart energy, mobile security, automotive security, eID and trust services as well as the testing and certification of data centers for physical security and high availability.
TÜV Informationstechnik, founded in 1995, is a member of the TÜV NORD GROUP, one of the world’s largest technology service providers with over 14,000 employees and business activities in 100 countries worldwide.
atsec information security is an international, independent, standards-based Information
Technology security consulting, evaluation, and testing services company that combines a
business-oriented approach to information security with in-depth technical knowledge.
Through our presence in Europe, U.S. and Asia, we address commercial and government
sectors worldwide. Our colleagues are experts in various technologies, including operating
systems, databases, network devices, embedded systems, and many more.
Our laboratories evaluate and test commercial products against standards such as Common
Criteria, FIPS 140-3, O-TTPS, PCI, ISO/IEC 27001, and NESAS to assure users about the
security of products they buy and use. We have conducted many vulnerability assessments,
cryptographic tests, security audits, and independent assessments for customers of varying
sizes, including customers in the telecommunications, financial, energy, and defense
atsec is a leader and key contributor to the industry, as evidenced by our founding of the
annual International Cryptographic Module Conference (ICMC). We actively contribute to the
various Common Criteria working groups, the ISO working group that authors the standard
for cryptographic module validation, known as ISO/IEC 19790, to the GSMA security groups,
and to the European Cyber Security Act working groups.
Applus+ Laboratories is a division of the Applus+ Group that provides testing and certification from a network of multidisciplinary laboratories in Europe, Asia, and North America.
Our Cybersecurity laboratories support developers of ICT products, components, and systems to demonstrate the compliance with applicable requirements and standards.
In 2022, the cybersecurity labs jtsec and Lightship Security became part of Applus+.
We provide Common Criteria evaluations worldwide, EAL based and PP-based for various schemes, including NIAP-listing and SOG-IS Technical Domains. We are also active contributors for EUCC scheme definition. Our labs are accredited for FIPS 140-3, the Spanish LINCE, and other schemes.
Trusted to transform missions with the power of tomorrow’s technologies, Booz Allen advances the nation’s most critical civil, defense, national security, and commercial priorities. We lead, invest, and invent where it’s needed most—at the forefront of complex missions, using innovation to define the future. We combine our in-depth expertise in AI and cybersecurity with leading-edge technology and engineering practices to deliver impactful solutions. Combining more than 100 years of strategic consulting expertise with the perspectives of diverse talent, we ensure results by integrating technology with an enduring focus on our clients. We’re first to the future—moving missions forward to realize our purpose: Empower People to Change the World®.
eShard is a cybersecurity specialist that develops and markets cyber testing solutions. eShard’s solutions allow industries to qualify their cyber protections in the face of the complexity of attacks. To date, eShard has 3 software product offerings to increase confidence in digital:
1/ Cyber test solution for chips (Chip Security): Evaluation of the resistance of chips (military, payment, IoT) to physical attacks in the most critical layers of the systems (cryptographic algorithms or the bootloader).
2/ Cyber testing solution for mobile applications (esChecker): Dynamic SaaS tool for analyzing the binary code of mobile applications both for Android and iOS.
3/ Cyber testing solution for Windows or Linux systems (esReven): Vulnerability analysis solution for Windows/Linux systems.
FIPS 140 validated encryption is a crucial requirement for virtually all vendors pursuing Common Criteria certification. Normally, FIPS 140 validation is difficult, expensive, infamous for delays, and can takes as long as two years. SafeLogic simplifies the process via its unique FIPS Validation-as-a-Service that obtains FIPS certificates in as little as two months, then keeps them Active over time. Established in 2012, SafeLogic has an impressive roster of customers and partners, from major household names to tiny innovative startups, that have turned to SafeLogic as their trusted cryptography and encryption partner.
The European Cyber Security Organisation (ECSO) is a non-for-profit organisation, established in 2016. ECSO unites more than 250 European cybersecurity stakeholders, including large companies, SMEs and startups, research centres, universities, end-users, operators, associations and national administrations. ECSO works with its Members and Partners to develop a competitive European cybersecurity ecosystem providing trusted cybersecurity solutions and advancing Europe’s cybersecurity posture and its technological independence.
More information: www.ecs-org.eu.
With over 25 years of experience, Eurosmart gathers technological experts in the field of Digital Security. This Brussels-based association advocates for a high security level in digital interactions.
Members of Eurosmart are designers or manufacturers of secure elements, semiconductors, smart cards, systems on chip, High Security Hardware and terminals; biometric technology providers; system integrators; secure software and application developers and issuers. Members are also involved in security evaluation as laboratories, consulting companies, research organisations and associations.
The Common Criteria Users Forum (CCUF) was founded in 2012 and is a community based around those using the Common Criteria and ISO/IEC 15408 standards. The CCUF is an evolution of the CC Vendors’ forum (founded in 2004) and the CC Forum (founded in 2010). The Common Criteria Users’ Forum mission is to provide a voice and communications channel between the CC community and the CC organizational committees, CC evaluation schemes, and policy makers.
GlobalPlatform is a technical standards organization that enables the efficient launch and management of innovative, secure-by-design digital services and devices, which deliver end-to-end security, privacy, simplicity and convenience to users. It achieves this by providing standardized technologies and certifications that empower technology and service providers to develop, certify, deploy and manage digital services and devices in line with their business, security, regulatory and data protection needs.
OASIS is a nonprofit consortium advancing open standards and open source development on a global scale. We’re the home of KMIP, STIX, TAXII, OpenC2, PKCS#11, SAML and CACAO course-of-action playbooks. One of our largest open source projects is the Open Cybersecurity Alliance (OCA). OCA is building an open ecosystem where cybersecurity products interoperate without the need for customized integrations. OCA open project operates independently under industry-approved process and IPR policies. All are welcome to participate.
Trusted Connectivity Alliance (TCA) is a global, non-profit industry association working to enable trust in a connected future. The organisation’s vision is to drive the sustained growth of a connected society through trusted connectivity which protects assets, end user privacy and networks.
TCA members are leaders within the global Tamper Resistant Element (TRE) ecosystem, and work collectively to define requirements and provide deliverables of a strategic, technical and marketing nature. This enables all stakeholders in our connected society to benefit from the most stringent secure connectivity solutions that leverage TCA members’ expertise in tamper proof end-to-end-security.